Mozilla uses Anthropic AI to uncover 271 Firefox vulnerabilities in internal test


Firefox developer Mozilla revealed that an early version of Anthropic’s Claude Mythos AI identified 271 vulnerabilities in the Firefox browser during internal testing, all of which were patched this week.

Summary

  • Mozilla said Anthropic’s Claude Mythos AI identified 271 vulnerabilities in Firefox during internal testing, all of which were patched this week.
  • The model showed it can scan large codebases and detect security flaws faster than traditional human-led reviews, though no findings went beyond what elite researchers could uncover.

The findings point to how advanced AI systems are starting to scan large codebases at a scale that once depended on long hours of manual work by cybersecurity researchers. Mozilla said even hardened software targets could now be examined more deeply in a shorter time.

“As these capabilities reach the hands of more defenders, many other teams are now experiencing the same vertigo we did when the findings first came into focus,” Mozilla wrote. “For a hardened target, just one such bug would have been red-alert in 2025, and so many at once makes you stop to wonder whether it’s even possible to keep up.”

Earlier testing using another Anthropic model had uncovered 22 security-sensitive bugs in a previous Firefox release. Despite that progress, Mozilla noted that eliminating software exploits entirely has long been considered unrealistic.

“Until now, the industry has largely fought security to a draw,” the company wrote. “Vendors of critical internet-exposed software like Firefox take security extremely seriously and have teams of people who get out of bed every morning thinking about how to keep users safe.”

Mozilla said the new system can review source code and flag weaknesses in ways that previously required highly specialized human expertise. Internal results showed the model did not uncover bugs beyond the reach of top-tier researchers.

“Some commentators predict that future AI models will unearth entirely new forms of vulnerabilities that defy our current comprehension, but we don’t think so,” the company said. “Software like Firefox is designed in a modular way for humans to be able to reason about its correctness. It is complex, but not arbitrarily complex.”

Launched in March, Claude Mythos is described by Anthropic as its most advanced model for reasoning, coding, and cybersecurity tasks, positioned above its earlier Opus series. Pre-release testing suggested it could identify thousands of unknown vulnerabilities across operating systems and browsers.

Access to the system remains limited through a restricted initiative known as Project Glasswing, which allows select firms, including Amazon, Apple, and Microsoft, to scan software for security flaws.

Security researchers warn that the same capability could be used offensively. AI tools that can analyze code at scale may also automate the discovery of exploitable bugs across widely used software systems.

Testing by the U.K.’s AI Security Institute showed the model could carry out complex cyber operations on its own, including completing a multi-stage corporate network attack simulation without human input. Those results have drawn attention from governments and intelligence agencies.

Despite earlier tensions with Donald Trump’s administration over the use of Anthropic’s technology, the National Security Agency has deployed Claude Mythos Preview on classified networks, according to people familiar with the matter. The move signals growing interest among U.S. agencies in AI tools that can detect critical software vulnerabilities.

Anthropic has also acknowledged that current cybersecurity benchmarks are struggling to keep pace with its latest models, raising questions about how to measure AI performance in this field.

Mozilla said the results suggest a possible turning point, where defenders may begin to narrow the long-standing gap with attackers.

“We are extremely proud of how our team rose to meet this challenge, and others will too,” the company wrote. 

“Our work isn’t finished, but we’ve turned the corner and can glimpse a future much better than just keeping up. Defenders finally have a chance to win, decisively.”
